With the collapse of FTX and Alameda so close on the heels of Celsius, one thing is clear – the regulatory and enforcement storm so many anticipated coming to crypto is now here. Unfortunately, regardless of what the facts surrounding FTX and Alameda ultimately turn out to be, incidents like this serve to reinforce the biases of enforcement agencies against all crypto companies, regardless of their construction, design, operation, or leadership. For some prosecutors and investigators, this incident will be seen as validation of the view that everything and everyone in the crypto space is dirty, or a scam (or both).
That’s not true, and it’s not fair, but it’s the reality crypto companies are facing. And these effects will linger long after the fall of FTX is a memory.
Even in the best of times, it’s hard to get enforcement agencies not to paint all crypto companies with the same brush. These are not the best of times – and all it takes is one or two high-profile incidents to undo years of progress, and we’ve now had more than that just in the past few months.
So what should crypto companies be doing now, with these storm clouds clearly on the horizon?
First, line up counsel now, so you are prepared for the day when subpoenas arrive and agents start knocking on doors to interview your people. Decisions made in the initial moments of an investigation can have far-reaching consequences, so it’s important to think through those scenarios and issues in advance.
Second, this is the time for a “wellness check” of sorts – a review of the areas of your business that are most likely to draw interest from DOJ and other agencies. AML/KYC. Sanctions. Disclosures to customers or counterparties. Lending arrangements. Arrangements among companies with shared or overlapping ownership. All of these should be scrutinized by your company now, because agencies will scrutinize them later. And to be most useful, this type of review should be done by a different firm than the one that helped design your systems or drafted your policies. In these circumstances, a fresh set of eyes is better, and more credible with the government, than having a firm check its own work. This doesn’t mean displacing that firm – it means making sure you have covered all of your bases. Doing this type of review won’t prevent a company from being targeted, just as storm shutters can’t prevent a hurricane. But it will increase the chances that the company can mitigate the pain associated with any such investigation and put the company in a stronger position to get through it successfully.
Exchanges and other VASPs, decentralized exchanges and decentralized finance platforms, and others in the digital asset space would be wise to prepare now – the calm before the storm is over, and the storm will be with us for quite some time.